package org.third.spring.boot.hello.init;

import java.util.Collections;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.SessionCookieConfig;
import javax.servlet.SessionTrackingMode;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
import org.springframework.stereotype.Component;

@Component
public class HelloSpringBootServletInitializer extends SpringBootServletInitializer {
    public static final Logger logger = LoggerFactory.getLogger(HelloSpringBootServletInitializer.class);

    public void onStartup(ServletContext servletContext) throws ServletException {
        super.onStartup(servletContext);
        logger.info("start SpringBootServletInitializer");
        // This will set to use COOKIE only
        servletContext.setSessionTrackingModes(Collections.singleton(SessionTrackingMode.COOKIE));
        // This will prevent any JS on the page from accessing the
        // cookie - it will only be used/accessed by the HTTP transport
        // mechanism in use
        SessionCookieConfig sessionCookieConfig = servletContext.getSessionCookieConfig();
        sessionCookieConfig.setHttpOnly(true);
    }
}
